|
|
|
@1704
|
[1704]
|
11/10/08 11:37:55 |
till |
honeytrap
- missing asprintf return value check added |
|
|
|
@1703
|
[1703]
|
11/09/08 22:01:28 |
till |
honeytrap
- missing mode for open() with O_CREAT added |
|
|
|
@1698
|
[1698]
|
11/06/08 10:02:03 |
till |
honeytrap
- added missing #define _GNU_SOURCE |
|
|
|
@1697
|
[1697]
|
10/17/08 21:39:27 |
till |
honeytrap
- store number of download tries in attack records |
|
|
|
@1695
|
[1695]
|
09/26/08 15:37:50 |
common |
honeytrap
- cpuEmu, binary safe appending for shells and discard all emu … |
|
|
|
@1694
|
[1694]
|
09/25/08 23:00:55 |
till |
honeytrap
- sample cpuEmu plugin configuration |
|
|
|
@1693
|
[1693]
|
09/25/08 22:54:52 |
till |
honeytrap
- common's changes to the cpuEmu plugin added
- new plugin … |
|
|
|
@1690
|
[1690]
|
09/11/08 18:27:26 |
till |
honeytrap
- submitMWserv plugin fixed, curl handle gets only initialized … |
|
|
|
@1689
|
[1689]
|
09/11/08 01:50:24 |
till |
honeytrap
- logleven for filename logging changed back to DEBUG |
|
|
|
@1688
|
[1688]
|
09/11/08 01:48:24 |
till |
honeytrap
- magicPE plugin for identifying PE files that are submitted as … |
|
|
|
@1686
|
[1686]
|
09/10/08 22:27:50 |
till |
honeytrap
- submitMWserv plugin for submissions to the mwcollect alliance |
|
|
|
@1685
|
[1685]
|
09/10/08 21:59:31 |
oxff |
honetytrap:
- added heartbeat sending to submitMwserv module; uses ugly … |
|
|
|
@1683
|
[1683]
|
09/09/08 23:11:27 |
till |
honeytrap
- support for periodic events (resolution: 1 second) |
|
|
|
@1677
|
[1677]
|
07/31/08 21:18:45 |
till |
honeytrap
- 'bind_address' configuration option added for binding dynamic … |
|
|
|
@1663
|
[1663]
|
07/28/08 00:23:32 |
till |
honeytrap
- cpuEmu: socket endpoint logging etc. |
|
|
|
@1662
|
[1662]
|
07/27/08 14:40:11 |
common |
honeytrap
- htm_cpuEmu fixes get the basics working |
|
|
|
@1651
|
[1651]
|
07/09/08 20:00:20 |
till |
honeytrap
- missing length parameter to snprintf added |
|
|
|
@1645
|
[1645]
|
07/07/08 17:05:02 |
till |
honeytrap
- void casting for va_args to suppress compile warnings |
|
|
|
@1644
|
[1644]
|
07/07/08 17:02:59 |
till |
honeytrap
- void casting for va_args to suppress compile warnings |
|
|
|
@1641
|
[1641]
|
06/30/08 23:31:07 |
till |
honeytrap
- configurable sensor id
- length restriction for sql statements … |
|
|
|
@1636
|
[1636]
|
06/27/08 21:30:14 |
till |
honeytrap
- replace SavePostgres? with SubmitPostgres? |
|
|
|
@1634
|
[1634]
|
06/21/08 20:49:48 |
till |
honeytrap
- cpuEmu: code stepping corrected |
|
|
|
@1633
|
[1633]
|
06/21/08 20:17:58 |
till |
honeytrap
- reworked emu plugin |
|
|
|
@1625
|
[1625]
|
05/28/08 21:32:07 |
till |
honeytrap
- reworked NFQ stream monitor hooking to prevent unbinding … |
|
|
|
@1600
|
[1600]
|
03/12/08 20:09:48 |
till |
honeytrap
- minor cosmetic changes
- edit distance tool corrected |
|
|
|
@1580
|
[1580]
|
02/28/08 22:57:06 |
till |
honeytrap
- working submit-mwserv module |
|
|
|
@1579
|
[1579]
|
02/28/08 21:49:03 |
oxff |
fixed broken libcurl usage and server response interpretation |
|
|
|
@1578
|
[1578]
|
02/28/08 17:44:57 |
till |
honeytrap
- submit-mwserv plugin |
|
|
|
@1577
|
[1577]
|
02/28/08 17:31:14 |
till |
honeytrap
- tftpDownload plugin fixed |
|
|
|
@1569
|
[1569]
|
02/25/08 09:23:26 |
till |
honeytrap
- endian awareness added |
|
|
|
@1567
|
[1567]
|
02/24/08 18:54:49 |
till |
honeytrap
- submitNebula: buffer size corrected |
|
|
|
@1565
|
[1565]
|
02/22/08 21:07:39 |
till |
honeytrap
- submitNebula: honeytrap logging function for HMAC errors |
|
|
|
@1564
|
[1564]
|
02/22/08 21:03:41 |
till |
honeytrap
- submitNebula: HMAC protected submissions
- submitNebula: … |
|
|
|
@1561
|
[1561]
|
02/19/08 22:20:23 |
till |
honeytrap
- hash(pss+nonce) Nebula submission authentication |
|
|
|
@1557
|
[1557]
|
02/17/08 21:53:39 |
till |
honeytrap
- reworked Nebula submission module |
|
|
|
@1556
|
[1556]
|
02/17/08 13:48:51 |
till |
nebula
- check md5 hash before nebula submission |
|
|
|
@1555
|
[1555]
|
02/17/08 13:25:24 |
till |
honeytrap
- simple Nebula submission plugin |
|
|
|
@1536
|
[1536]
|
01/23/08 22:15:12 |
till |
honeytrap
- local/remote socket endpoint confusions corrected |
|
|
|
@1506
|
[1506]
|
01/13/08 22:02:05 |
till |
honeytrap
- asprintf()'s for realloc()+snprintf()
- Error handling for … |
|
|
|
@1490
|
[1490]
|
12/12/07 11:19:31 |
till |
honeytrap
- address confusion, getsockname instead of getpeername |
|
|
|
@1489
|
[1489]
|
12/12/07 00:32:41 |
till |
honeytrap
- submitMWserv module
- local ip address/port added to sample … |
|
|
|
@1440
|
[1440]
|
11/20/07 17:58:04 |
till |
honeytrap
- Fix: improper logging of IP address pairs |
|
|
|
@1427
|
[1427]
|
10/28/07 15:08:42 |
till |
honeytrap
- doubly used index var, fixed |
|
|
|
@1425
|
[1425]
|
10/27/07 13:09:48 |
till |
honeytrap
- weekend cleaning |
|
|
|
@1422
|
[1422]
|
10/15/07 12:02:41 |
till |
honeytrap
- submitMWserv module template: plugin prio corrected |
|
|
|
@1408
|
[1408]
|
10/08/07 20:41:00 |
till |
honeytrap
- improved ip address validation |
|
|
|
@1407
|
[1407]
|
10/07/07 21:28:52 |
till |
honeytrap
- fancy, more intelligent configure script
- basic pop3 default … |
|
|
|
@1404
|
[1404]
|
10/06/07 21:34:49 |
till |
honeytrap
- process id in pid file got truncated, fixed |
|
|
|
@1389
|
[1389]
|
09/22/07 22:05:09 |
till |
honeytrap - non-blocking reads for connectback sessions |
|
|
|
@1388
|
[1388]
|
09/22/07 21:49:20 |
till |
honeytrap - wrong AM_YFLAGS prefix removed |
|
|
|
@1387
|
[1387]
|
09/22/07 21:34:52 |
till |
honeytrap - basic cspm plugin |
|
|
|
@1365
|
[1365]
|
08/31/07 21:40:23 |
till |
-fix: uninitialized sigaction structs could lead to segfaults |
|
|
|
@1361
|
[1361]
|
08/24/07 21:42:59 |
till |
- ... i really like inet_ntoa() … |
|
|
|
@1360
|
[1360]
|
08/24/07 21:28:24 |
till |
- log addressed target in a grep'able way |
|
|
|
@1356
|
[1356]
|
08/21/07 13:51:32 |
till |
- VNC plugin redesigned to create virtual attacks
- Basic http download … |
|
|
|
@1355
|
[1355]
|
08/21/07 11:23:47 |
till |
- fix: corrected error in logical expression when searching for default … |
|
|
|
@1354
|
[1354]
|
08/20/07 11:18:53 |
till |
- fix: some weird signal handling stuff… |
|
|
|
@1345
|
[1345]
|
08/03/07 18:20:39 |
till |
- fix: one signal pipe per process
- fix: consider signal pipe when … |
|
|
|
@1334
|
[1334]
|
07/25/07 17:03:28 |
till |
- accept() incoming connection first, then try to mirror connect()
- etc. |
|
|
|
@1293
|
[1293]
|
06/22/07 12:49:13 |
till |
- file descriptor handling for daemon mode fixed
- some return value … |
|
|
|
@1292
|
[1292]
|
06/21/07 17:31:57 |
till |
- safe signal handling through per-process signal pipes
- increased … |
|
|
|
@1286
|
[1286]
|
06/10/07 20:22:28 |
till |
- Default port configuration can be set to "ignore", "normal" or … |
|
|
|
@1283
|
[1283]
|
06/06/07 10:04:16 |
till |
- unfreeze unsupported packtes in ipq/nfq connection monitors
- skeleton … |
|
|
|
@1282
|
[1282]
|
06/04/07 00:53:43 |
till |
further cleanups |
|
|
|
@1281
|
[1281]
|
06/01/07 21:13:58 |
till |
- improved build process: AC_CONDITIONALs for stream monitors
- code … |
|
|
|
@1280
|
[1280]
|
05/29/07 23:58:57 |
till |
missing include added |
|
|
|
@1279
|
[1279]
|
05/29/07 23:42:11 |
till |
- plugin log messages prefixed
- handling of list values in config file … |
|
|
|
@1272
|
[1272]
|
05/21/07 11:01:10 |
till |
damn nfq_set_verdict() - hope I got it right now |
|
|
|
@1271
|
[1271]
|
05/21/07 10:24:47 |
till |
missing close(socket) added and nfq_set_verdict() return value checks |
|
|
|
@1270
|
[1270]
|
05/20/07 15:22:17 |
till |
honeytrap 1.0.0 started
- New configuration concept with hierarchically … |
|
|
|
@1268
|
[1268]
|
05/13/07 11:08:55 |
till |
config file semantics checker |
|
|
|
@1252
|
[1252]
|
05/04/07 21:14:13 |
till |
first version of a libemu-based shellcode analysis plugin |
|
|
|
@1251
|
[1251]
|
05/04/07 09:49:46 |
till |
use relative libpq include paths |
|
|
|
@1249
|
[1249]
|
05/02/07 21:50:56 |
till |
make plugins optional in autotools build process |
|
|
|
@1248
|
[1248]
|
05/01/07 13:26:56 |
till |
some db stuff |
|
|
|
@1241
|
[1241]
|
04/26/07 17:37:01 |
till |
aSaveFile also takes care for storing malware on disc now |
|
|
|
@1238
|
[1238]
|
04/25/07 23:08:54 |
till |
udp confusions, fixed |
|
|
|
@1226
|
[1226]
|
04/21/07 00:46:03 |
till |
samples are stored in postgres db |
|
|
|
@1222
|
[1222]
|
04/16/07 23:17:06 |
till |
fto port command repaired |
|
|
|
@1221
|
[1221]
|
04/16/07 18:10:02 |
till |
plugin priorities, small fixes |
|
|
|
@1202
|
[1202]
|
04/04/07 18:51:10 |
till |
clean out svn (Markus, I give up) |
|
|
|
@1201
|
[1201]
|
04/04/07 18:47:08 |
till |
postgres plugin, lots of improvements |
|
|
|
@1142
|
[1142]
|
03/16/07 17:01:08 |
till |
fix plugin install bug |
|
|
|
@1132
|
[1132]
|
02/19/07 22:06:50 |
honeytrap |
typo fixed |
|
|
|
@1131
|
[1131]
|
02/19/07 21:43:08 |
honeytrap |
nfqueue connection monitor |
|
|
|
@1129
|
[1129]
|
02/18/07 17:04:59 |
honeytrap |
compile bugs fixed |
|
|
|
@1128
|
[1128]
|
02/18/07 11:53:30 |
honeytrap |
compile bugs fixed |
|
|
|
@1127
|
[1127]
|
02/17/07 17:19:37 |
honeytrap |
minor fixes |
|
|
|
@1126
|
[1126]
|
02/17/07 16:16:29 |
honeytrap |
compile warnings eliminated |
|
|
|
@1125
|
[1125]
|
02/16/07 21:58:23 |
honeytrap |
bugfixes |
|
|
|
@1124
|
[1124]
|
02/04/07 21:45:19 |
honeytrap |
compatibility changes |
|
|
|
@1123
|
[1123]
|
01/28/07 15:19:35 |
honeytrap |
some bugfixes |
|
|
|
@1120
|
[1120]
|
01/24/07 23:51:38 |
honeytrap |
fixes for some type casts |
|
|
|
@1119
|
[1119]
|
01/24/07 23:34:10 |
honeytrap |
changes for 0.6.4 |
|
|
|
@1117
|
[1117]
|
12/28/06 00:44:01 |
honeytrap |
fixes and improvements |
|
|
|
@1116
|
[1116]
|
12/05/06 00:23:58 |
honeytrap |
improved ipq packet processing |
|
|
|
@1115
|
[1115]
|
12/04/06 23:53:44 |
honeytrap |
improved ipq packet processing |
|
|
|
@1114
|
[1114]
|
11/29/06 22:26:24 |
honeytrap |
fixes, redesign and udp support |
|
|
|
@1113
|
[1113]
|
11/03/06 13:40:57 |
honeytrap |
logging output fixed |
|
|
|
@1108
|
[1108]
|
10/18/06 21:09:09 |
honeytrap |
spamsum plugin |
